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METHOD AND APPARATUS OF STORAGE ANTI-PIRACY KEY ENCRYPTION 
(SAKE) DEVICE TO CONTROL DATA ACCESS FOR NETWORKS 

FIELD OF THE INVENTION 

The present invention relates to the field of network communications. More 
specifically, the present invention relates to a secured access to restricted 
information over the networks. 

BACKGROUND 

The piracy and illegal copying of software and other digital media has 
become extremely pervasive and currently results in billions of dollars in lost 
revenue for media and software owners worldwide. This problem is compounded 
by the advent of faster and more technologically advanced computers, the 
development of inexpensive mass storage media (i.e. CDs, DVDs), as well as 
copying devices such as CD writers, which aid in various aspects of digital piracy. 

Each technological breakthrough seemingly results in a new and better way 
to illegally copy intellectual property belonging to another. Examples of digital 
piracy include: the copying of proprietary software to sell to others, the installing of 
a single proprietary software package on several different systems, placing a copy 
of proprietary software on the Internet, or even downloading copyrighted images 
from the Internet. 

While digital piracy is fairly common among many end users who have 
lawfully purchased the software, large-scale piracy typically occurs at a reseller 
level. For instance, a reseller may duplicate and distribute multiple copies of a 
software program, a digital audio file or a digital video file to different customers. 
These counterfeit versions are sometimes passed on to unsuspecting customers. 
Hardware distributors have been known to preload different systems using a single 
software package. In such instances, customers are either not provided with 
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original manuals, diskettes and/or compact discs (CDs) or are simply supplied with 
pirated copies of the same. 

Numerous methods to combat the rampant problem of digital piracy have 
been devised. One of the methods is the used of trialware to restrict usage of a 

5 software product. Trialware may be implemented by either programming an 

expiration date or a usage counter into a software program. Such a scheme limits 
the use of a software product to a particular duration or a number of trial times, 
respectively, after which the protected application cart no longer be launched. 
Users are then forced to either purchase the full version of the product or to quit 

10 using it altogether. 

Hardware keys are another type of anti-piracy device that is commonly 
used to prevent illegal use of software. Hardware keys are devices that are 
plugged into selected ports of a computer. Once the software is executed, it then 
detects the presence of a hardware key in a similar manner to detecting other 
is hardware devices (such as a printer, monitor or a mouse). Programming the 
software such that it only operates when an appropriate hardware key is attached 
prevents illegal use of the software. As the number of hardware keys distributed 
to end users correspond to the number of seat licenses purchased, the software 
will not work when installed on another system without the requisite hardware key. 

20 Another common anti-piracy technique is to require the entry of a certain 

registration key that is supplied by the software company before the software can 
be installed. Traditionally, the registration keys are given only with the original 
software package, although some are issued electronically. Unfortunately, there is 
nothing to prevent the holder of the registration key from installing the software on 

25 multiple systems. In addition, many of the electronic registration keys are based 
on the user's personal information (i.e. such as the user's name), therefore, some 
backers have developed programs to calculate registration keys for random 
names. 

Unfortunately, as with the use of the registration key, all of the above anti- 
30 piracy systems (and many others) are easily circumvented by hackers. A common 



-2- 



WO 2004/015579 PCT/SG2003/000033 




method of combating these anti-piracy techniques is to disassemble the coding of 
the Application Programming Interface (API) to assembly language and, 
thereafter, decompile the assembly language into programming language. With 
the knowledge gained from the program flow, the hacker can easily re-write the 
5 program or set certain conditions within the program itself, such that it bypasses all 
the anti-piracy authentication algorithms. 

In view of the foregoing, it is extremely desirable to have an anti-piracy 
system that cannot be easily re-programmed or bypassed by computer hackers or 
other digital pirates. It is also desirable to have an anti-piracy system that cart be 
10 integrated with existing mass storage devices. 

SUMMARY OF THE INVENTION 

According to one aspect of the present invention, a method of SAKE is 
provided in which SAKE is coupled to a host or client system and SAKE obtains 
user's biometric identity information through its biometric sensor. User's biometric 

15 identity information, such as fingerprints, is verified according to the biometric 
templates stored in an internal memory unit of SAKE. Various initialization 
information including public key associated with the user is retrieved from the 
internal memory unit of SAKE and the initialization information is provided to an 
information provider or Internet Service Provider ("ISP") via a computer network 

20 such as Internet, through the host system. Upon verifying the initialization 
information, a network communication is established between SAKE and the 
information provider. When SAKE obtains information from the information 
provider, the information is encrypted and stored in a flash memory within SAKE. 
Additional features and benefits of the present invention will become 

25 apparent from the detailed description, figures and claims set forth below. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention will be understood more fully from the detailed 
description given below and from the accompanying drawings of various 
embodiments of the invention, which, however, should not be taken to limit the 
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invention to the specific embodiments, but are for explanation and understanding 
only. 

Figure 1 illustrates a schematic of an authentication system to verify a 
password from a host in accordance with one embodiment of the present 
5 invention. 

Figure 2 illustrates a schematic of an authentication system to verify a 
password from a host in accordance with a further embodiment of the present 
invention. 

Figure 3 illustrates a schematic of an authentication system to verify a 
10 password from a host in accordance with another embodiment of the present 
invention. 

Figure 4 illustrates a schematic of an authentication system to verify a 
password from a host in accordance with yet another embodiment of the present 
invention. 

is Figure 5 illustrates a method for authenticating a password from a host in 

accordance with one embodiment of the present invention. 

Figure 6 illustrates a schematic of a computer system using an anti-piracy 
file manager in accordance with a further embodiment of the present invention; 

Figure 7 illustrates a schematic of an authentication system for receiving 
20 data from a web server in accordance with another embodiment of the present 
invention. 

Figure 8 illustrates a network configuration in accordance with one 
embodiment of the invention. 

Figure 9 is a block diagram illustrating a SAKE device in accordance with 
25 one embodiment of the present invention. 

Figure 10 is a flow chart illustrating a method of providing data access 
control over a network in accordance with one embodiment of the present 
invention. 
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Figure 11 is a flow diagram showing various steps of an embodiment of the 
authentication method of the present invention. 

DETAILED DESCRIPTION 

An apparatus and method for providing data access control over Internet 
are discussed. 

In the following description, for purposes of explanation, numerous specific 
details are set forth to provide a thorough understanding of the present invention. 
It will be apparent, however, to one skilled in the art that these specific details may 
not be required to practice the present invention. In other instances, well-known 
circuits and devices are shown in block diagram form to avoid obscuring the 
present invention. 

It is understood that the present invention may contain transistor circuits 
that are readily manufacturable using well-known art, such as for example CMOS 
("complementary metal-oxide semiconductor) technology, or other semiconductor 
manufacturing processes. In addition, the present invention may be implemented 
with other manufacturing processes for making digital devices. 

Figure 1 illustrates an authentication system 10 to verify a password 12 
from a host 14 in accordance with one embodiment of the present invention. 
Authentication system 10 includes a first storage unit16, a read-only memory 
(ROM) unit 18 and a microcontroller 20. Microcontroller 20 is coupled to host 14, 
first storage unit 16, ROM unit 18 and a second storage unit 22. Microcontroller 
20 is preferably coupled to host 14 through a Universal Serial Bus (USB) 
controller. 

In other embodiments of the present invention, ROM unit 18 may be formed 
as part of microcontroller 20. Furthermore, both first storage unit 16 and second 
storage unit 22 may be one of a number of mass storage devices, including hard 
drives, floppy disks, or removable flash memory devices, such as the ThumbDrive 
manufactured by Trek 2000. In addition, the two storage units may be utilized in 
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one physical structure to form a single mass storage device. The mass storage 
device may also be placed with microcontroller 20 to form a single chip. 

First storage unit 16 stores an authentication sequence 24, which is used to 
verify password 12. An authentication algorithm 26 to authenticate password 12 
with authentication sequence 24 is programmed onto ROM twit 18. In addition, 
ROM unit 18 preferably comprises a shutdown algorithm 28. Because these 
algorithms and other data are hard coded, the contents of ROM unit 18 cannot be 
decompiled or altered. Upon receiving password 12, microcontroller 20 loads and 
executes authentication algorithm 26 to verify password 12 with authentication 
sequence 24. Access to second storage unit 22 s permitted only if password 12 is 
verified. 

Password 12 may be entered by a user or a software program executed by 
host 14 after receiving a query from microcontroller 20. Because authentication 
algorithm 26 is hard coded onto ROM unit 18, copying or decompiling and 
changing the software program resident on host 14 does not breach the copy 
protection provided by the present invention. It will be apparent to one skilled in 
the art that password 12 may be a private string of characters, a sequence of 
communication protocols or some other security protocol known only to an 
authorized user. In addition, password 12 and authentication sequence 24 may 
form part of a biometric authentication process by using a user's fingerprints, iris, 
face, or voice as authentication means. 

Password 12 may also be programmed into the software running on host 1- 
and recognizable only by authentication algorithm 26 and therefore not known to 
an end user. As described above, authentication algorithm 26 is preferably 
implemented on hardware or firmware (such as ROM unit 18) so that it is tamper 
resistant; that is, authentication algorithm 26 will be either extremely difficult to 
reverse engineer or extract data from, and therefore extremely difficult to bypass. 

Shutdown algorithm 28 is preferably implemented as a deterrent against 
brute force attacks by shutting down the entire system if a series of incorrect 
passwords is received by microcontroller 20. An authentication system 
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programmer may define the maximum number of incorrect passwords allowed 
before the system shuts down. Shutdown algorithm 28 may also be programmed 
to not accept anymore password entries or a specified amount of time. By using 
shutdown algorithm 28, trial and error methods used by brute force application 
5 programs to identify password 12 would become an extremely tedious process for 
hackers. The algorithm would therefore deter potential hackers from even 
attempting to identify password 12. 

Second storage unit 22 is used to store programs and/or files, which are 
required for a program on host 12 to run. Examples of such files include 
10 executable programs such as a software installer), digital audio files, digital video 
files, image files, text files, and library files. Microcontroller 20 allows access to 
second storage unit 22 from host 14 only if the correct password 12 has been 
received by microcontroller 20. 

Although illustrated in this embodiment as separate entities, it should be 
15 evident to a person skilled in the art that microcontroller 20, first storage unit 16, 
ROM unit 18 and second storage unit 22 may be combined in a number of ways. 
For example, microcontroller 20, first storage unit 16, ROM unit 18 and second 
storage unit 22 may be implemented on a single semiconductor chip. In an 
alternative embodiment, microcontroller 20 and ROM unit 18 may be implemented 
20 on a chip that is separate from the storage units. 

The present invention therefore has great flexibility of design that may 
easily be altered depending on a user's requirements. For example, on one hand, 
the use of multiple chips may allow different vendors to manufacture different parts 
of the authentication system. On the other hand, fabricating the present invention 
25 onto fewer hips (or a single chip) may be less expensive and provide better 

performance. In addition, if ROM unit 18 and microcontroller 20 are located on the 
same chip, it may be more difficult to separate the ROM to read the data stored. 

Figure 2 illustrates an authentication system 50 to verify a password 52 
from a host 54 in accordance with a further embodiment of the present invention. 
30 Authentication system 50 comprises a first storage unit 56, a ROM unit 58 and a 
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microcontroller 60. Microcontroller 60 is coupled to host 54, first storage unit 56, 
ROM unit 58 and an encoder 62. Encoder 62 is further coupled to a second 
storage unit 64. First storage unit 5 stores an authentication sequence 66, which 
is used to verify password 52. An authentication algorithm 68 to authenticate 
5 password 52 is programmed onto ROM unit58. ROM unit 58 preferably includes a 
shutdown algorithm 70. 

Upon receiving password 52, microcontroller 60 loads and executes 
authentication algorithm 68 to verify password 52 with authentication sequence 66. 
Access to second storage unit 64 is permitted only if password 52 is verified. 
10 Shutdown algorithm 70 preferably shuts down the entire system if a series of 
wrong passwords is received by microcontroller 60. An authentication system 
programmer determines the maximum number of incorrect password attempts 
allowed. 

Data to be read from or written onto second storage unit 64 is first 
is decrypted or encrypted respectively by encoder 62. Many different encryption 
schemes may be used by encoder 62, including International Data Encryption 
Algorithm (IDEA), Data Encryption Standard (DES) encryption. Triple Data 
Encryption Standard (3-DES) encryption, and Pretty Good Privacy (PGP). By 
encrypting the contents of a second storage unit 64, a hacker will not be able to 
20 make sense of the contents even if he manages to read the contents bypassing 
microcontroller 60 (for example, by using a probe)/ After password 52 has been 
authenticated, a decoder (not illustrated) may be used to decrypt the contents of 
second storage unit 64. 

Alternatively, the data stored in second storage unit 64 may be protected by 
25 hash coding. In addition, authentication sequence 66 is preferably encrypted or 
hashed as well prevent hackers from unraveling authentication sequence 66. This 
may be accomplished without requiring an additional encoder if first storage unit 
56 is located thin second storage unit 64. 

Figure 3 illustrates a schematic of an. authentication system 100 to verify a 
30 password 102 from a host 104 in accordance with another embodiment of the 



-8- 



WO 2004/015579 PCT/SG2003/000033 




present invention. Authentication system 100 comprises a ROM unit 106 and a 
microcontroller 108. Microcontroller 108 is coupled to host 104, ROM unit 106 and 
an encoder 110. Encoder 1 10 is further coupled to a storage unit 112. An 
authentication algorithm 114 to authenticate password 102 is programmed onto 
5 ROM unit 106. An authentication sequence 1 16 to verify password 102 is hard 
code into authentication algorithm 1 14. ROM unit 106 preferably comprises a 
shutdown algorithm 118. 

As described in previous embodiments, upon receiving password 102, 
microcontroller 108 loads arid executes authentication algorithm 1 14 to verify 
10 password with authentication sequence 116. Access to storage unit 1 12 is 

permitted only if sword 102 is verified. Shutdown algorithm 1 18 is preferably used 
to shut down the entire system if a series of incorrect passwords is received by 
microcontroller 1 08. 

By hard coding authentication sequence 116 directly into authentication 
15 algorithm 1 14, possibly in multiple places, modification of authentication sequence 
116 becomes substantially more difficult. In order to change a hard code 
authentication sequence, not only is recompilation necessary (if using a compiled 
language), but also sufficient understanding of the implementation is required to 
ensure that the change will not cause program failure. Such a measure makes it 
20 difficult for a hacker to re-program authentication system 1 00. 

Figure 4 illustrates an authentication system 150 to verify password 152 
from a host 154 in accordance with another embodiment of the present invention. 
Authentication system 150 comprises a read-only memory (ROM) unit 156 and a 
microcontroller 158. Microcontroller 158 is coupled to host 154, ROM unite 156 
25 and an encoder 1 60. Encoder 1 60 is further coupled to a storage unit 1 62. Data 
to be read from written onto storage unit 162 is first decrypted or encrypted 
respectively by encoder 160. Alternatively, hash coding may be employed to 
protect the data stored in storage unit 162. 

Storage unit 162 is made up of two types of data storage areas: a public 
30 storage area 164 and a private storage area 166. An authentication sequence 
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168, which is used to verify password 152, is stored in private storage area 166. 
An authentication algorithm 170 to authenticate password 152 is programmed onto 
ROM unit 156. ROM unit 156 also contains a shutdown algorithm 172. Public 
storage area 164 and private storage area 166 may be created by under-declaring 
the memory size available on storage unit 162. 

Take for example a storage unit with physical addresses ranging from 000 
to 1000, if only physical addresses 000 to 500 are declared to an operating system 
(OS) such as Windows, on host 154, the OS will not be aware of the presence of 
physical addresses 501 to 1000. Under such circumstances, data stored within 
physical addresses 000 to 500 will be accessible to any user. This area is known 
as a public storage area. Conversely, undeclared physical addresses 501 to 1000 
form a private storage area since these tresses are only be available to 
microcontroller 158 and cart only be accessed by an authorized user or software 
program. 

Under non-secure operating conditions, any user may instruct host 154 to 
read data from or write data onto public storage area 164. However, if a user 
wishes to access private storage area 166, the user or the software program must 
first enter password 1 52, which is then sent to microcontroller 158 for 
authentication. Upon receiving password 152, microcontroller 1 58 executes 
authentication algorithm 170 to verify password 152 with authentication sequence 
168. Access to private storage area 166 is permitted only if password 152 is 
verified. Shutdown algorithm 172 shuts down the entire system if a series of 
incorrect passwords is received by microcontroller 1 58. 

Figure 5 illustrates a method 200 for authenticating a password from a host 
in accordance with one embodiment of the present invention. An authentication 
sequence is first provided in a block 202 and preferably stored in a first storage 
unit. Also provided, in another block 204, is an authentication algorithm, which is 
stored in a ROM unit. After receiving a prompt from the host, a password is 
entered in by a user or by a software program. The password is then received in a 
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block 206 by a microcontroller that executes an authentication algorithm to verify 
the password with the authentication sequence in a decision block 208. 

If the password is verified in decision block 208, access to a private area, 
such as second storage unit in the above-described embodiments, will be 

5 permitted in a block 210. The user is then able to read from or write onto the 
second storage unit, which is preferably encrypted. If the password is not verified 
in decision block 208, the user will be denied access to the second storage unit 
and method 200 will end in a block 212. Alternatively, if the password is incorrect, 
the user may be given additional chances to enter the right password. However, 

10 system is preferably shut down if a series of incorrect passwords is received by 
the microcontroller. 

Figure 6 illustrates a schematic of a computer system 250 using an anti- 
piracy file manager 252 in accordance with a further embodiment of the present 
invention. Anti-piracy file manager 252 is coupled to an anti-piracy authentication 

15 engine 254 and a storage unit 256. Anti-piracy manager 252 answers requests 
from a number of software programs 258 that request different authentication 
schemes from anti-piracy authentication engine 254. Access to storage unit 256 is 
guarded by an authentication system 260. In this exemplary system, the flexibility 
of the present invention allows for authentication of many different types of 

20 software programs at the same time through anti-piracy file manager 252. . 

Figure 7 illustrates a schematic of an authentication system 300 for 
receiving data from a web server 302 in accordance with another embodiment of 
the present invention. Authentication system 300 is coupled to a host 304, which is 
connected to web server 302, typically by using either a dial-up or a broadband 
25 connection. Host 304 is coupled to authentication system 300, preferably, via a 
USB connector. Examples of host 304 include a personal computer (PC), a 
personal digital assistant (PDA), a Wireless Application Protocol-enabled (WAP- 
enabled) mobile phone, and a tablet. 

To retrieve data from web server 302, a password received by host 304 is 
30 verified by authentication system 300. The password is typically entered by a user 
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or by software the host, if the password is entered by the user, the authentication 
system may also be configured to accept a biometrics password, such as a 
fingerprint or a retina scan. If the verification is successful, authentication system 
300 sends a request through host 304 for access to web sewer 302. Upon 

5 receiving the request, web server 302 grants access to a web page having the 
secured data. The data may be in the form of a music file or an online book or a 
software program. Because the authentication algorithm in authentication system 
300 is hard coded, an unauthorized user will not be able to circumvent or change 
the verification scheme in authentication system 300 and, hence, will be unable to 

10 access the data on web server 302. 

In another embodiment of the present invention, the password is embedded 
in the data to be retrieved from the Internet. Host 304 sends a request for the data 
to web server 302. Upon receiving the request, web server 302 sends the 
password embedded in the quested data to authentication system 300 for 

is verification. If the verification is successful, authentication system 300 allows host 
304 to access the data, upon where it may be displayed or executed. In a 
preferred embodiment, the data from web server 302 is encrypted. Decryption of 
the data is carried out in authentication system 300 before in host 304 or storage 
in authentication system 300. 

20 Other embodiments of the invention will be apparent to those skilled in the 

art from consideration of the specification and practice of the invention. 
Furthermore, certain terminology has been used for the purposes of descriptive 
clarity, and not to limit the present invention. The embodiments and preferred 
features described above should be considered exemplary, with the invention 

25 being defined by the appended claims. 

Overview of Storage Anti-piracv Key Encryption device ("SAKE") 

According to one aspect of the present invention, a method of SAKE is 
provided in which SAKE is coupled to a host or client system and SAKE obtains 
user's biometric identity information through its biometric sensor. User's biometric 
30 identity information, such as fingerprints, is verified according to the biometric 
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templates stored in an internal memory unit of SAKE. Various initialization 
information including public key associated with the user is retrieved from the 
internal memory unit of SAKE and the initialization information is provided to an 
information provider or Internet Service Provider ("ISP") via a computer network 
5 such as Internet, through the host system. Upon verifying the initialization 
information, a network communication is established between SAKE and the 
information provider. When SAKE obtains information from the information 
provider, the information is encrypted and stored in a flash memory within SAKE. 

In one embodiment, SAKE is a storage and anti-piracy device that includes 
10 onboard biometric verification capability. SAKE has universal connectivity 
capabilities, such as USB connectors. High-speed data transfer and large 
memory capacity are other advantages of SAKE. For example, SAKE may have 
the memory capacity of one gigabytes and have an access speed up to one 
gigabit per second. A more detailed discussion of SAKE will be discussed later. 

15 Figure 8 illustrates a network configuration 800 in accordance with one 

embodiment of the invention. Network configuration 800 includes multiple SAKEs 
802, host systems, Internet 810, and various information providers, content 
providers and/or ISPs. The host systems, in one aspect, includes personal 
computer ("PC") 804, laptop 805, personal digital assistant ("PDA") and other 

20 digital processing systems, such as servers, mini-computers, mainframe 
computers, point of sale machines, workstations, et cetera. Internet 810, in 
another embodiment, may be an Intranet, wide area network ("WAN") and/or local 
area network ("LAN"). Information providers include online transaction 820, 
Internet sides 830, sales of services 840, personal medical information 850, e- 

25 learning materials 860, library 865, publisher 870, music 875 and TV games and 
movies 880. It is apparent to one of ordinary skilled in the art that other functional 
blocks may be added to network configuration 800. 

The content provider of online transaction 820 includes various online sale 
transactions, which includes online sales of merchandises, software, information 
30 and network services over the Internet. In one embodiment, SAKE 802 provides a 
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secured transaction, which involves access, purchasing and download the 
product, between the user and the information provider. An advantage of using 
SAKE is to prevent unauthorized, rampant copying of commercial information. 

The content provider of Internet sites 830 includes various restricted web 
sites, which require, for example, memberships to access the information posted 
on the restricted web sites. In one embodiment, SAKE 802 provides a controlled 
access to restricted Internet sites. In another embodiment, SAKE 802 provides a 
method of controlled distribution of information received by SAKE. An advantage 
of using SAKE in this case is to prevent unauthorized access. 

The content provider of Services 840, in one aspect, includes various online 
services that provide support, resources and/or upgrades. In one embodiment, 
SAKE 802 provides a method of providing services and/or upgrades to clients who 
are authorized and/or registered for the services. An advantage of using SAKE in 
this case is to prevent unauthorized party to receive services. 

The content provider of medical data 850, in one aspect, contains medical 
information, such as a restricted hospital web site. In one embodiment, SAKE 802 
provides a secured method to retrieve personal medical information over the 
Internet from the content provider for medical data 850. An advantage of using 
SAKE in this case is to prevent unauthorized party to access personal medical 
data. 

The content provider of e-leaming 860, in one aspect, includes various 
online educational materials that are either posted on the web page or 
downloaded from the web site. In one embodiment, SAKE 802 provides a secured 
method to download various educational and/or learning materials to from the 
content provider to various clients who are authorized and/or registered to receive 
the educational materials. An advantage of using SAKE in this case is to prevent 
unauthorized party to download the educational materials from the content 
provider of e-learning 860. 

The content provider of library 865 and publisher 870, in one aspect, 
includes various online books and articles that either can be checked out or 
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purchased. In one embodiment, SAKE 802 provides a secured method of 
purchase or checkout by downloading digital a copy of book and/or article for 
authorized users. An advantage of using SAKE in this case is to prevent 
unauthorized party to obtain copies of books and articles posted on the web sites. 

5 The content provider of Music 875 and television games/movies 880, in one 

aspect, includes various online digital music and games/movies that either can be 
checked out or purchased. In one embodiment, SAKE 802 provides a secured 
method of purchase or check out a digital copy of music, games and/or movies for 
authorized users. An advantage of using SAKE in this case is to prevent 

10 unauthorized party to obtain copies of music, games and/or movies posted on the 
web sites. 

In operation, when, for example, a user desires to purchase a software from 
a website, a SAKE first authenticates the user, which may involve biometric 
identification process. After the identity of the user is verified, SAKE notifies the 

15 website with an access request and security codes. Upon acknowledgement of 
access request and security codes, the website, which could act through an ISP, 
establishes a network communication with SAKE over the Internet 810. An 
encrypted public key is subsequently forwarded from SAKE to the website to 
confirm the true identity of user. Once the user identity is confirmed by the 

20 website, it sends the requested software to SAKE via SAKE's host system. Upon 
receiving the software, it is directly stored in the flash memory of SAKE with limited 
or no trace in the host system. 

An advantage of using SAKE, function as an anti-piracy device, is to 
prevent unauthorized copying of information over the Internet. Another advantage 
25 of using SAKE is to store the downloaded contents directly into SAKE only, 

thereby there is no traces on the host system after SAKE is disconnected from the 
host system. Another advantage is to employ personal and biometric information 
to authenticate users before the users are given access to quality contents over a 
network, such as Internet or Intranet. 
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Figure 9 is a block diagram illustrating a SAKE 900 in accordance with one 
embodiment of the present invention. SAKE 900 includes a micro-control unit 
("MCU") 901 , flash memory 922, USB connector (plug) 916 and biometric sensor 
920. MCU 901 further includes a processor 902, internal memory 904, tamper 
5 proof unit 906, encryption/decryption unit 908, hashing algorithm 910, biometric 
verification 912 and USB controller 914. In one embodiment, a processor 902, 
internal memory 904, tamper proof unit 906, encryption/decryption unit 908, 
hashing algorithm 910, biometric verification 912 and USB controller 914 are 
fabricated on a single die. Various buses 930-938 are used to couple various 
10 units in SAKE 900. It is apparent to one of ordinary skilled in the art that other 
functional blocks may be added to SAKE 900. 

Processor 902 is coupled to buses 930-932 for communicating information 
to and from various components. Processor 902 includes microprocessor, 
processor, central processing unit, or digital processing unit such as Pentium™, 
15 PowerPC™, Alpha™ and the like. Processor 902 controls the data flow of SAKE 
900 through executing instructions. In one embodiment, processor 902 executes 
navigation software, which may be stored in internal memory 904, for controlling 
the data flow. 

Internal memory 904, in one embodiment, is a flash memory designed to 
20 store authentication data, such as public keys, private keys, biometric templates, 
et cetera. It should be noted that public keys, private keys, and biometric 
templates are loaded into internal memory 904 during the setup or initialization of 
SAKE 900. Internal memory 904 is coupled to processor 902 through dedicated 
bus 932 for fast data store and fetch. In another embodiment, Internal memory 
25 9 04 is coupled to processor 902 through system bus 930. Biometric templates 
include fingerprint and/or iris templates. In another embodiment, internal memory 
904 stores the navigation software, which is responsible to control data flow 
between ISP and SAKE. The navigation software is also responsible to retrieve 
data from flash memory 922 and then display the data. 
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Biometric sensor 920 is coupled to biometric verification unit 912 via bus 
936, wherein biometric sensor 920 detects biometric information or patterns from a 
user. For example, fingerprint sensor as a biometric sensor detects fingerprint 
patterns from the user who is currently holding SAKE 900. Once the fingerprint of 
the user is obtained, it is forwarded from the fingerprint sensor to biometric 
verification unit 912 for authenticating the user. Upon receipt of the biometric 
information, biometric verification unit 912 fetches biometric templates, such as 
fingerprint templates, from internal memory 904 via processor 902 and 
authenticates the biometric information just received against biometric templates. 
The result of the authentication is forwarded to processor 902. It should be noted 
that the biometric templates are loaded during the initialization of SAKE. 

USB controller 914 is coupled to system bus 930 and USB connector 916 
via a dedicated bus 938. USB controller 914 is designed to control communication 
between SAKE 900 and the host system, not shown in Figure 9. USB connector 
916, in one embodiment, is a USB plug that is capable to directly connect to a 
USB port of host system. USB connector 916 is designed to support entire weight 
of SAKE while it is plugged in a USB port. It is further noted that when SAKE is 
plugged in a USB port of the host system, only a portion of SAKE is inserted into 
the host system. 

Hashing algorithm 910 is coupled to system bus 930 to perform a hash 
function. Hashing algorithm 910 is, in one embodiment, a standard hashing 
algorithm, such as secure hash standard (SHS) and is designed to hash public 
keys before they are being sent to their destination over the Internet. 

Flash memory 922 is coupled to MCU 901 via bus 934 and is configured to 
store large amounts of data. For example, flash memory 922 can store up to one 
gigabyte. In one embodiment, flash memory 922 has capacity of mass storage 
and data downloaded from the ISP can be directly stored in flash memory 922. To 
secure data from hacking, data is encrypted before it is stored in flash memory 
922. Encryption/decryption unit 908 is coupled to system bus 930 and coupled to 
flash memory 922 via bus 934. In one embodiment, Encryption/decryption unit 
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908, which may be a standard encryption code, encrypts data according to a 
private key before it stores in flash memory 922. Encryption/decryption unit 908 is 
also used to decrypt data according a private key after the data is fetched from 
flash memory 922. 

Tamper proof unit 906 is coupled to system bus 930. A function of tamper 
proof unit 906 is designed to erase data stored in internal memory 904 and flash 
memory 922 when tamper proof unit 906 detects tampering or hacking SAKE 
using high temperature, voltage, and/or frequency. In one embodiment, tamper 
proof unit 906 contains sensors that can detect abnormal conditions, such as 
voltage, frequency and temperature are beyond the specification. 

Figure 10 is a flow chart 100 illustrating a method of providing data access 
control over a network in accordance with one embodiment of the present 
invention. At block 1002, the process couples a control device to a digital 
processing system. In one aspect, the control device is a SAKE, which includes a 
USB connector, MCU, flash memory and biometric sensor. The USB connector is 
used to directly connect to a USB port of digital processing system, which acts as 
a host system of SAKE. The process proceeds to block 1004. 

At block 1004, biometric sensor detects user's biometric information and 
forwards the detected biometric information to biometric verification unit. The 
verification unit authenticates the detected biometric information against biometric 
template stored in the internal memory. When the user's identity is authenticated, 
which means the biometric information such as fingerprint matches with the 
biometric template, the process moves to block 1006. 

At block 1006, the process retrieves initialization information from the 
internal memory. In one embodiment, the initialization information includes a 
security code and a public key. The security code, which may vary between ISPs, 
is used to establish an initial communication between SAKE and the ISP. The 
process proceeds to block 1008. 

At block 1008, the process forwards the security code to an associated ISP 
and request to establish communication. Once the communication is formed, the 
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public key is forwarded to the ISP to confirm that the true user is communicating 
with the ISP. The process moves to block 1010. 

At block 1010, a communication between SAKE and the ISP is established 
and ISP is ready to perform user's request. The process moves to block 1012. 

5 At block 1012, SAKE receives requested information such as a copy of 

digital book or a movie. When the requested information is encrypted, the process 
moves to block 1014. 

At block 1014, the process stores the encrypted data in the flash memory of 
SAKE. The process moves to the next block. 

10 Figure 1 1 is a flow diagram showing various steps of an embodiment of the 

authentication method of the present invention. In a currently preferred 
embodiment, a user requests and downloads restricted content into a SAKE 
device assigned to that user from a content server using the authentication 
process as described below with reference to Figure 1 1. As described above, the 

15 restricted content can be any of a wide variety of information, such as copyrighted 
materials (e.g., newspapers, books, magazines, music, movies, software, games, 
etc.), confidential records (e.g., medical, financial), proprietary business 
information (e.g., personnel files, technical designs, client contacts, etc.), contents 
that require payment or age verification before access is granted, and any other 

20 information requiring access control. 

In step 1 105, to initiate the authentication process, a user accesses a login 
web page of a content provider utilizing an embodiment of the authentication 
method of the present invention. Typically, the user navigates the Web using 
common internet browser software (e.g., Microsoft Internet Explorer) installed on a 

25 client computer connected to the Internet. To access the designated login page, 
the user enters the web page address (e.g., URL address) of the login page or 
click on a hyperlink or bookmark pointing to that address. Depending on the 
particular application, the client computer can be a desktop computer, a laptop 
computer, a personal digital assistant (PDA), a point-of-sale (POS) terminal, a 

30 television, a gaming console, a networked kiosk, or any other network-enabled 
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device that allows the user to interact with the content server. In one embodiment, 
the login page is stored on a content server and is programmed to include a 
"Login" button or link which, when clicked, causes the content server to generate a 
command that initiates the authentication process. Accordingly, the user clicks on 
the "Login" button to start the authentication process. 

In step 1110, the SAKE device, which in one embodiment comprises a USB 
plug that is plugged into a USB port of the client computer, receives the command 
from the content server. This command establishes communication between the 
content server and the SAKE device. The command also serves to notify the 
SAKE device that the content server is ready to receive information pertaining to 
the authentication process from the SAKE device. 

In step 1115, the SAKE device captures biometric information from the user 
via a biometric detector that is built into the SAKE device. In a currently preferred 
embodiment, the biometric detector is a built-in fingerprint sensor on an upwardly- 
facing surface of the SAKE device. When the user places his/her thumb on the 
sensor, the thumbprint is captured for verification by the SAKE device, as 
described in step 1 120 immediately below. While fingerprinting is described 
herein as an identity authentication technique, it is appreciated that other 
biometric-based techniques, such as iris-scan, can also be used in accordance 
with the present invention. 

In step 1120, the captured biometric information is verified against stored 
biometric template(s) of one or more authorized user(s). In one embodiment, 
when the SAKE device is assigned to an authorized user, the fingerprint of that 
authorized user is captured and stored into the SAKE device as a fingerprint 
template. In an embodiment where multiple authorized users are supported, a 
separate template is created and stored for each authorized user. Thereafter, 
when a person wants to access restricted contents on a server for which the SAKE 
device is assigned, that person's fingerprint can be verified by a fingerprint 
verification engine in the SAKE device against the stored fingerprint template(s) of 
the authorized user(s). 
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If in step 1 120 it is determined that the captured biometric information (e.g., 
fingerprint) matches the stored biometric template (or one of the templates in the 
case of multiple authorized users), then in step 1 125, the SAKE device transmits a 
notification to the content server, indicating to the server that the current user's 
identity has been authenticated biometrically. 

In step 1130, the SAKE device receives a device authentication request 
from the content server. In a preferred embodiment, the content server transmits 
a device authentication request to the SAKE device upon receiving the notification 
of user identity authentication from the SAKE device as described in step 1 125 
above. 

In step 1 1 35, the SAKE device transmits a device authentication reply to 
the content server in response to the device authentication request described in 
step 1 130 above. Significantly, the device authentication reply allows the SAKE 
device and the content server to complete an authentication handshake. The 
SAKE device is programmed to generate a device authentication reply is 
characteristics of and is recognizable by the particular content server. Therefore, 
the reply enables the server to verify that the SAKE device is property assigned to 
the user for accessing restricted content on the server. In accordance with a 
preferred embodiment, the device authentication reply includes multiple 
authentication sequences, with each sequence being transmitted to the server 
separately. For example, after transmitting a first authentication sequence, the 
SAKE device can wait for a confirmation sequence from the server before 
transmitting the next sequence itself. Any number of sequences can be used in 
the authentication handshake, allowing for flexibility in customization. In a 
preferred embodiment, different content servers have different authentication 
handshakes with their corresponding SAKE devices, so that a given SAKE device 
assigned for a particular content server will be of no use in accessing restricted 
content on another content server. 

In step 1 140, the SAKE device receives a key request from the content 
server. In a preferred embodiment, the content server transmits a key request to 
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the SAKE device when the authentication handshake described above in step 
1 1 35 is completed. In other words, when the content server has ascertained that 
the request for restricted content originates from a legitimate SAKE device 
properly assigned for that purpose, the server sends a key request to the SAKE 
5 device. 

In step 1 145, the SAKE device transmits a first key representative of the 
user's identity to the content server in response to the key request described in 
step 1 140 above. This first key enables the server to confirm the user's identity. 
In a preferred embodiment, the first key is a public key (e.g., as used under the 

10 Public Key Infrastructure, or PKI) that uniquely identify the key holder to third 
parties, such as the content server in this case. In one embodiment, the public 
key is hashed using a secure hashing algorithm, preferably stored in a non-volatile 
solid-state memory, before transmission to the content server, It is appreciated 
that according to the present invention, the key verification can be performed by 

15 the content server itself or by a certifying authority ("CA") on behalf of the content 
server. 

In step 1 1 50, the SAKE device receives the restricted content from the 
content server as requested. In one embodiment, the restricted content is 
received by the SAKE device as one or more data streams. In other words, the 
20 content is transmitted from the content server to the SAKE device by streaming. 

It should be appreciated that according to a preferred embodiment 
described above, the content server only sends the restricted content to the SAKE 
device after a successful biometric authentication of the user's identity, a 
successful authentication handshake between the content server and the SAKE 
25 device, and a successful verification of the user's identity using a unique key such 
as a public key. The tri-level authentication process of the present invention as 
described provided very strong security protection against unauthorized access of 
restricted content stored on the content server. 

In step 1 1 55, the SAKE device encrypts the content received from the 
30 content server In a preferred embodiment, the encryption is performed using a 
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second key representative of the user's identity. In one embodiment, the second 
key is a private key assigned to the user. 

In step 1 1 60, the SAKE device stores the encrypted content in its memory. 
The stored content is secured against unauthorized access because it is in 
encrypted form and cannot be decrypted without the second key (e.g., private key) 
described above in step 1 155. In one embodiment, the encrypted content is 
stored in a non-volatile solid-state memory. 

In a preferred embodiment, the SAKE device includes one or more of a 
voltage detector, a frequency detector and a temperature detector (e.g., 
thermometer, thermostat) to further protect the stored information against 
tampering. These detectors monitor the operation parameters of voltage, 
frequency and temperature. It is appreciated that common hacking techniques 
involve altering the voltage, frequency and/or temperature of the environment in 
which a storage device operates in an attempt to gain unauthorized access to the 
stored data. Thus, according to this embodiment, when the detectors detects that 
one or more of the operation parameters fall beyond their normal operating ranges 
as specified, the SAKE device erases or otherwise destroy the encrypted data 
stored therein, and optionally the first key, the second key and the biometric 
template. This data self-destruction feature provides a last line of defense against 
unauthorized access of the restricted content stored in the SAKE device. 

Importantly, content received from the content server goes directly to the 
SAKE device and is not stored on the client computer in any form. The internet 
browser serves as a conduit of data transfer between the content server and the 
SAKE device. The data transfer is transparent to the user and the content is 
neither displayed to the user in the browser, nor is the content allowed to be stored 
on the client computer using the browser interface. In a preferred embodiment, 
data is transferred by streaming, which provides additional protection against 
hacking, as portions of a data stream cannot be meaningfully reassembled in case 
of malicious interception. In one embodiment, encrypted content received from 
the server is decrypted by the browser (using standard decryption protocols such 
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as DES, AES, 3-DS) and then encrypted by the SAKE device using a private key 
before storing. In another embodiment, the encrypted content is passed as is to 
the SAKE device, which can performed additional decryption and/or re-encryption. 
The restricted content is stored within the SAKE device in encrypted form and 
cannot be replicated to another storage medium connected to the client computer. 
Moreover, retrieval of the data is only allowed when the user's identity is 
authenticated through the biometric detector and verification engine. 

Once the content is securely stored in the SAKE device, an authorized user 
can gain access to the content by a successfully passing the biometric 
authentication, thereby causing the SAKE device to decrypt the stored content and 
streaming it to the appropriate application program for processing. For example, a 
music file or a movie file is decrypted and streamed to a media player for 
playback. An executable file is decrypted and then run from the SAKE device. A 
document is decrypted for viewing by a viewer/word processing program straight 
from the SAKE device. Thus, the content remains in the SAKE device and the 
streaming of the data is under the control of the SAKE device so that unauthorized 
access is prevented. In another embodiment, the encrypted content is streamed 
for processing by the appropriate application program without being decrypted. In 
this embodiment, a customized application program capable of processing the 
encrypted content is provided. 

In the foregoing specification the invention has been described with 
reference to specific exemplary embodiments thereof. It will, however, be evident 
that various modifications and changes may be made thereto without departing 
from the broader scope of the invention. The specification and drawings are, 
accordingly, to be regarded in an illustrative rather than restrictive sense. 
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CLAIMS 

What is claimed is: 

1 . A method for providing data access control over information networks 
comprising: 

5 coupling a control device to a digital processing system; 

obtaining user identification by executing a user authentication process; 
retrieving initialization information from a first memory unit of the control 
device in response to an information provider when user's identity 
is authenticated; 

10 providing the initialization information to the information provider via the 

information network through the digital processing system; 
establishing a communication between the control device and an 

information provider when an acknowledgement of user identity is 
received; 

is obtaining information from the information provider; and 

storing the information in a second memory unit of the control device. 

2. The method of claim 1 , wherein the coupling a control device to a 
digital processing system further includes coupling a Universal Serial Bus 
("USB") protocol connector to a USB receptacle of the digital processing system 

20 to facilitate communication. 

3. The method of claim 2, wherein the digital processing system further 
includes connecting to at least one of Internet, Intranet, wide area network 
("WAN") and local area network ("LAN"). 

4. The method of claim 3, wherein the obtaining user identification by 
25 executing a user authentication process further includes: 

activating a fingerprint detector to detect user's fingerprint; 

obtaining user's fingerprint from the fingerprint detector; 

retrieving fingerprint file from the first memory unit of the control device; 

and 

30 authenticating user's fingerprint in response to the fingerprint file. 
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5. The method of claim 4, wherein the obtaining user identification by 
executing a user authentication process further includes: 

activating an iris detector to detect user's iris; 
obtaining user's iris from the iris detector; 
5 retrieving iris file from the first memory unit of the control device; and 

authenticating user's iris in response to the iris file. 

6. The method of claim 1, wherein the providing the initialization 
information to the information provider further includes: 

retrieving security code associated with the information provider; 
10 sending the security code to the information provider; 

retrieving a public key associated with the information provider; and 
hashing the public key before the public key is sent to the information 
provider. 

7. The method of claim 3, wherein the obtaining information from the 
15 information provider further includes: 

sending an on-line transaction request to the information provider; and 
receiving the information in response to the on-line transaction request. 

8. The method of claim 3, wherein the obtaining information from the 
information provider further includes: 

20 sending a request for accessing a restricted Internet site to the information 

provider; and 

receiving the information in response to the request after the request is 
verified. 

9. The method of claim 3, wherein the obtaining information from the 
25 information provider further includes: 

sending a request of service or upgrades to the information provider; and 
receiving the information in response to the request after the request is 
verified. 

10. The method of claim 1, further comprising running navigation software 
30 to display the information stored in the second memory unit of the control device. 
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1 1 . A method of anti-piracy for providing controlled disseminating 
information through computer networks, the method comprising: 
coupling a SAKE to a host system; 
obtaining user's fingerprint from fingerprint sensor; 
5 verifying user's identity according to fingerprint data stored in a first ' 

memory unit of SAKE; 
retrieving a public key associated with the user from the first memory unit 
of SAKE; 

providing the public key to the information provider via the computer 
io networks through the host system; 

establishing a communication between SAKE and an information provider 

when a message of verified public key is received; 
obtaining information from the information provider; and 
storing the information in a second memory unit of SAKE. 
15 12. The method of claim 1 1 , wherein the coupling a SAKE to a host 

system further includes coupling a Universal Serial Bus ("USB") protocol 
connector to a USB receptacle of SAKE system to facilitate communication. 

13. The method of claim 12, wherein the host system further includes 
connecting to at least one of Internet, Intranet, wide area network ("WAN") and 

20 local area network ("LAN"). 

14. The method of claim 1 1 , wherein the providing the public key to the 
information provider via the computer networks through the host system further 
includes: 

sending security code to the information provider; and 
25 hashing the public key before the public key is sent. 

15. The method of claim 11 , wherein the providing the initialization • 
information to the information provider further includes: 

retrieving a public key associated with the information provider; and 
hashing the public key before hashed public key is sent to the information 
30 provider. 
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1 5. The method of claim 1 1 , wherein the obtaining information from the 
information provider further includes: 

sending an on-line transaction request to the information provider; and 

receiving the information in response to the on-line transaction request 
5 16. The method of claim 1 1 , wherein the obtaining information from the 

information provider further includes: 

sending a request for accessing a restricted Internet site to the information 
provider; and 

receiving the information in response to the request after the request is 
10 verified. 

1 7. The method of claim 1 1 , wherein the obtaining information from the 
information provider further includes: 

sending a request of service or upgrades to the information provider; and 
receiving the information in response to the request after the request is 
is verified. 

18. The method of claim 1 1, wherein the storing the information in a 
second memory unit of SAKE further includes encrypting the information in 
response to a private key before the information is stored in the first memory unit 
of SAKE. 

20 1 9. The method of claim 1 1 , further comprising: 

retrieving the information from the second memory unit of SAKE; 

decrypting the information; and 

running navigation software to display the information. 

20. The method of claim 1 , further comprising: 

25 loading tamper proof code into execution sequence when one of voltage, 

frequency and temperature detecting devices detects tampering; and 
executing tamper proof code. 

21 . An anti-piracy device for providing controlled disseminating 
information through Internet comprising: 

30 a processor; 
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an internal memory unit, coupled to the processor, configured to store 
identification data; 

a fingerprint sensor coupled to the processor and capable of reading 
user's fingerprint; 

5 a fingerprint verification unit, coupled to the fingerprint sensor, configured 

to authenticate user identity according to authentication data stored in the 
internal storage; 

a flash memory unit coupled to the processor for storing large amounts of 

data; 

10 a hashing algorithm unit coupled to the processor and configured to hash 

a public key for network access; and 

a universal serial bus ("USB") connector coupled to the processor for 
attaching to a system. 

22. The anti-piracy device of claim 21 , further comprising an encryption 
15 and decryption unit coupled to the processor and configured to encrypt the 

information received from the Internet in response to the private key before the 
information is stored in the flash memory unit. 

23. The anti-piracy device of claim 21 , further comprising an encryption 
and decryption unit coupled to the processor and configured to decrypt the. 

20 information stored in the flash memory unit before the information is sent over the 
Internet. 

24. The anti-piracy device of claim 21 , further comprising a tamper proof 
unit coupled to the processor and configured to destroy data stored in the internal 
and flash memory units when one of voltage, frequency and temperature 

25 detecting devices detects tampering condition. 

25. The anti-piracy device of claim 21 , further comprising: 

a fingerprint verification unit coupled to the processor and operable to 
authenticate user identity; and 

a USB controller coupled to the processor and configured to control 
30 communication between the anti-piracy device and the system. 
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26. A method for accessing restricted information by a user, said method 
comprising the steps of: 

coupling a portable storage device to a communication port of a client 
computer, said client computer communicatively coupled to a content server over 
5 a network, said content server storing restricted information, said portable 

storage device having a biometric detector disposed thereon and being capable 
of verifying user identity against a stored biometric template of an authorized 
user; 

capturing biometric information of a requester using said biometric 
10 detector; 

provided said portable data storage device authenticates said requester's 
identity, transmitting a first notification from said portable storage device to said 
content server; 

receiving a device authentication request from said content server and in 
15 response thereto transmitting a device authentication reply from said portable 
storage device to said content server, said device authentication reply for 
completing an authentication handshake between said content server and said 
portable storage device; 

receiving a key request from said content server and in response thereto 
20 transmitting a first key representative of said requester from said portable storage 
device to said content server, said first key for allowing said content server to 
confirm said requester's identity; 

receiving said restricted information from said content server; 

encrypting said restricted information using a second key representative of 
25 said requester's identity; and 

storing said restricted information into said portable storage device in 
encrypted form, wherein said stored encrypted information cannot be decrypted 
without using said second key. 

27. The method as recited in Claim 26, further comprising the step of 
30 erasing at least one of said first key, said second key, said biometric template 

and said stored encrypted data upon detecting at least one operation parameter 
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falling beyond a predetermined normal operating range, wherein said at least one 
operation parameter includes voltage, frequency and temperature. 

28. The method as recited in Claim 26, further comprising the step of 
hashing said first key before transmitting same to said content server. 
5 29. The method as recited in Claim 28, wherein a secure hashing 

algorithm resides in a non-volatile solid-state memory in said portable storage 
device, said secure hashing algorithm being used to hash said first key. 

30. The method as recited in Claim 26, wherein said first key is a public 
key that uniquely identifies said requester to third parties. 
io 31 . The method as recited in Claim 26, wherein said second key is a 

private key of said requester. 

32. The method as recited in Claim 26, wherein said biometric template 
comprises fingerprint information of said authorized user. 

33. The method as recited in Claim 26, wherein said communication port 
is of said client computer is a USB port and said portable storage device comprises 

a USB plug. 

34. The method as recited in Claim 26, wherein said stored encrypted 
information resides in a non-volatile solid-state memory in said portable storage 
device. 

20 35. The method as recited in Claim 26, wherein said device 

authentication reply comprises multiple authentication sequences transmitted 
from said portable storage device to said content server. 

36. The method as recited in Claim 26, wherein said restricted information 
is transmitted from said content server to said portable storage device by 

25 streaming. 

37. The method as recited in Claim 26, wherein said restricted information 
comprises copyrighted materials. 

38. The method as recited in Claim 26, wherein said restricted information 
comprises confidential medical records. 

30 39. The method as recited in Claim 26, wherein said restricted information 

comprises proprietary business information. 
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40. The method as recited in Claim 26, further comprising the step of 
completing an electronic payment transaction before said restricted information is 
received from said content server. 
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